Powered by Zoomin Software. For more details please contactZoomin

Flowmon Virtual Appliances

Table of Contents

Amazon VPC Traffic Mirroring

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: May 27, 2026
  • 3 minute read
    • Flowmon Products
    • Flowmon
    • Documentation

Overview

Flowmon takes advantage of Amazon Virtual Public Cloud (Amazon VPC) traffic mirroring in Amazon Web Services (AWS) to help you to:

  • Get instant network insights
  • Resolve performance issues
  • Identify optimization opportunities
  • Secure your infrastructure across environments
  • Support business-critical services
Diagram showing AWS mirroring process
Diagram showing AWS mirroring process

The aim is to mirror the network traffic passing through a desired network interface (eni-a in the figure below) and send it to an interface where the mirrored traffic can be processed, visualized and analyzed with the Flowmon Collector (eni-b in the figure below).

Diagram showing AWS traffic mirroring setup between interfaces
Diagram showing AWS traffic mirroring setup between interfaces

Prerequisites

You must have:

Deployment

To configure VPC traffic mirroring in AWS, you must perform the following steps:

  1. Create a Traffic Mirror Target.
  2. Create a Traffic Mirror Filter.
  3. Create a Traffic Mirror Session.
  4. Allow VxLAN traffic to the collector.

Create a Traffic Mirror Target

To create a traffic mirror target:

  1. In the AWS Web Console, select the VPC service.
  2. Select Mirror Targets in the Traffic Mirroring section.
  3. Click Create traffic mirror target.
  4. Enter a name and description. Ensure Target type is set to Network Interface and the Target is Flowmon's monitoring interface.
  5. Create the mirror target.
Screenshot of creating a traffic mirror target
Screenshot of creating a traffic mirror target

Create a traffic mirror filter

To create a traffic mirror filter:

  1. Choose Mirror Filters in the Traffic Mirroring section.
  2. Click Create traffic mirror filter.
  3. Choose any name and description you want.
  4. Describe the type of inbound and outbound traffic you want to be mirrored (in the example in the screenshot below, all traffic is mirrored).
  5. Create the mirror filter.
Screenshot of creating a traffic mirror filter
Screenshot of creating a traffic mirror filter

Configure a traffic mirror session

To configure a traffic mirror session:

  1. Select Mirror Sessions in the Traffic Mirroring section.
  2. Click Create traffic mirror session.
  3. Enter a name and description.
  4. Set the virtual instance's port as the Mirror source.
  5. Select the Mirror target and Mirror filter created earlier.
  6. Create the mirror session.
Screenshot of creating a traffic mirror session
Screenshot of creating a traffic mirror session

Allow VxLAN traffic to the Collector

To allow VxLAN traffic to the Collector:

  1. In the AWS Web Console, select the EC2 service.
  2. Find the Security Group applied to Flowmon's monitoring interface in the Security groups panel.
  3. Add an inbound rule to enable receiving VxLAN traffic from the IP address of the virtual instance's interface.
  4. Save the inbound rule.
Screenshot of enabling VxLAN traffic
Screenshot of enabling VxLAN traffic

Flowmon configuration

To configure the Flowmon Collector:

  1. Go to the Flowmon Configuration Center of your Flowmon Collector.
  2. Select the Monitoring Ports panel.
  3. Under Global settings > Advanced settings, enable VxLAN decapsulation on port 4789.
  4. Click Save.
Screenshot of Flowmon configuration for VxLAN

TitleResults for “How to create a CRG?”Also Available inAlert